The US Department of Health and Human Services (HHS) has proposed rules to increase cybersecurity protections for electronic health data. The changes extend to HIPAA-regulated entities such as healthcare providers, insurers, and associated businesses, imposing stricter requirements around risk assessments, data encryption, and more. It will eliminate the “required” and “addressable” distinctions in the implementation specifications, making all violations mandatory. The public has until March 7, 2025, to submit comments on the proposal.

Only 1% of malicious emails that reach inboxes deliver malware
In 2024, 99% of email threats to corporations were found to be social engineering or phishing attacks, as per Fortra. Most pre-delivery email defenses struggle